Skip to content
This repository has been archived by the owner on May 24, 2020. It is now read-only.
/ doorman Public archive

RFC-compliant Time-Based One-Time Password (TOTP) implementation with support for Google Authenticator

License

MIT license
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

BattleRattle/doorman

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

examples

examples

 
 

src

src

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

composer.json

composer.json

 
 

phpunit.xml.dist

phpunit.xml.dist

 
 

Repository files navigation

Doorman

Build status: Build Status

Doorman is an RFC-compliant implementation of the TOTP (Time-Based One-Time Passsword, RFC 6238) algorithm, which is commonly used for Two Factor Authentication.

A wrapper for the Google Authenticator - a key manager and code generator, which can be downloaded for free, is also available. It also works for other 3rd party code generators, that use the TOTP algorithm.

Requirements

You need at least a 64-bit version of PHP 5.4 or HHVM.

Installation via Composer

Use Composer CLI:

php composer.phar require battlerattle/doorman:1.0.*@dev

Or add battlerattle/doorman to your composer.json:

"require": {
    "battlerattle/doorman": "1.0.*@dev"
},

Usage

This is a pretty basic example

use BattleRattle\Doorman\Authentication\TimeBasedAuthenticator;

// get the code from user input
$code = '...';

// the user's secret key
$key = '...';

$authenticator = new TimeBasedAuthenticator();
$result = $authenticator->authenticate($key, $code);

if ($result) {
    echo 'Welcome, you successfully logged in';
} else {
    echo 'Nope, please try again';
}

Google Authenticator

In this example we use the Google Authenticator, which uses base32-encoded keys, that will be decoded internally.

use BattleRattle\Doorman\Authentication\GoogleAuthenticator;

$code = '...';
$key = '...';

$authenticator = new GoogleAuthenticator();
$result = $authenticator->authenticate($key, $code);

if ($result) {
    echo 'Welcome, you successfully logged in';
} else {
    echo 'Nope, please try again';
}

Key Generator

This generator creates "Google Authenticator"-compliant keys:

use BattleRattle\Doorman\KeyGeneration\GoogleAuthKeyGenerator;

$keyGenerator = new GoogleAuthKeyGenerator;
$key = $keyGenerator->generateKey();

// it's good practice to split the key into chunks of 4 characters for better readability
$formattedKey = implode(' ', str_split($key, 4));

echo 'Add this key to your authenticator: ' . $formattedKey;

References

About

RFC-compliant Time-Based One-Time Password (TOTP) implementation with support for Google Authenticator

Topics

totp google-authenticator two-factor-authentication rfc-6238

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 1

v1.1.0 Latest
Aug 19, 2017

Packages

No packages published

Languages